Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

@cpubus I tried to find the thing you told me and its not within the folder, here is whats in the folder for me - Screenshot by Lightshot -. As for the uvk scan you want me to do callender im doing it right now

[QUOTE=AfrimS;2963985]@cpubus I tried to find the thing you told me and its not within the folder, here is whats in the folder for me - Screenshot by Lightshot -. As for the uvk scan you want me to do callender im doing it right now

Yes that "xrWCtmg2" file is the main cuplrit here but all those files in that folder are used by it. That whole folder needs to go but it should stop with at least that one file destroyed. Use the delete option in UVK since normal delete will not work. But first, if you could, (and this is optional) upload that "xrWCtmg2" file to Virustotal.com and link us to the results so we can see if this virus is classified by anything at all.

@cpubus I tried to find the thing you told me and its not within the folder, here is whats in the folder for me - Screenshot by Lightshot -. As for the uvk scan you want me to do callender im doing it right now

Yes that "xrWCtmg2" file is the main cuplrit here but all those files in that folder are used by it. That whole folder needs to go but it should stop with at least that one file destroyed. Use the delete option in UVK since normal delete will not work. But first, if you could, (and this is optional) upload that "xrWCtmg2" file to Virustotal.com and link us to the results so we can see if this virus is classified by anything at all.

One other suggestion with a word of caution. This thing seems to evade detection by using digitally signed files but you can prevent it in future using Execute Prevent. The problem with that approach is that it can interfere with some legitimate programs like Geek Uninstaller that uses AppData to run it's executable from so would need to be added as an exclusion.

If you like you could test for a while using the following settings in UVK that will make the required changes. You'd need to keep UVK installed and add exclusions when needed.

This thing was hiding pretty well, but they could have done more to prevent it from being removed. I've had adware fight me more lol. I'd like to know what in fact its purpose is. Well I'm signing off for the weekend, I expect to see more of these at work soon. We had what, 4 people infected visit this thread today including me?

Well done and thank you for all your hard work. As far as I know there are at least a couple of other threads started by users with the same issue and a quick internet search shows a few users posting the same issue on other forums - all fairly recently. It would be interesting to know how it arrives on a user's machine.

EDIT: I didnt see the notification saying i had to reboot sadly but i just rebooted right now and it is no longer there anymore. What should I do next?

EDIT: Upon doing the Reboot the second explorer.exe has not come back yet. Im going to continue doing what I normally do for one day or so just to make sure it does not come back and if it doesnt I will mark the thread Solved!

Much thanks to everyone honestly this has been great and also a big bother to deal with.

Check to see if it's gone after a reboot. If it isn't state if you can open it. If you can't - right click and choose "properties and look at the folder size. There will be other ways to delete it if it still exists.

Two explorer.exe, One taking all of my RAM's Memory

Two explorer.exe, one taking up to 3 gigs system memorySo the other thread was no help, so I started this one. When I start up my computer and after its loaded (in normal and clean boot) an explorer.exe shows up and starts rapidly ballooning up over the 2 million bits mark, making my computer really slow.
I've cleaned with Comodo, Malwarebytes...

Performance & Maintenance

MsMpEng.exe taking up too much memoryMsMpEng.exe(windows defender) has taken up lots of my computer's ram and cpu usage and is making my computer really slow
But when I try to open windows defender it says that windows defender has been disabled even though MsMpEng is running. Trying to turn on windows defender in order to disable it...

System Security

Internet explorer taking up a lot of memory, also disable screensaverDoes this happen to someone else also? I usually have about half dozen IE windows opened at anytime. I might start a few more and then close a couples. But eventually I notice one or two if the IE processes start to use up several hundred MB ram up to eventually 1GB ram. When one of the IE...

Browsers & Mail

Why is IE taking up so much memory?I took a look at my TaskMan because my Core 0 was at 100%, and I just exited a flash game.
I had 4 IE windows open, and a total of 4 tabs. One iexplore.exe was using over 400,000K. I clicked on the Applications tab, right clicked on each App, and selected Go To Process. None took me to the...

Graphics taking more memoryHi, recently i brought a DELL Inspiron 15 laptop, which has 4GB RAM and integrated Graphics+Core i5 Processor.But when i check my system properties it shows Available Memory : 4GB (Usable 2.93GB). when i made some tests regarding the 1 GB missing RAM, i found that intergrated Graphics current...